From owner-freebsd-questions@FreeBSD.ORG Wed Apr 2 18:30:42 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 2BF81917 for ; Wed, 2 Apr 2014 18:30:42 +0000 (UTC) Received: from email2.allantgroup.com (email2.emsphone.com [199.67.51.116]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E41A5840 for ; Wed, 2 Apr 2014 18:30:41 +0000 (UTC) Received: from dan.emsphone.com (dan.emsphone.com [172.17.17.101]) by email2.allantgroup.com (8.14.7/8.14.7) with ESMTP id s32IUdUe064018 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 2 Apr 2014 13:30:39 -0500 (CDT) (envelope-from dan@dan.emsphone.com) Received: from dan.emsphone.com (smmsp@localhost [127.0.0.1]) by dan.emsphone.com (8.14.7/8.14.6) with ESMTP id s32IUdm6030623 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 2 Apr 2014 13:30:39 -0500 (CDT) (envelope-from dan@dan.emsphone.com) Received: (from dan@localhost) by dan.emsphone.com (8.14.8/8.14.7/Submit) id s32IUdxB030622; Wed, 2 Apr 2014 13:30:39 -0500 (CDT) (envelope-from dan) Date: Wed, 2 Apr 2014 13:30:39 -0500 From: Dan Nelson To: "Kenta S." Subject: Re: Disable w / who Message-ID: <20140402183039.GB23453@dan.emsphone.com> References: <20140402034019.A9BE1608AE@smtp.hushmail.com> <20140402152956.GA23453@dan.emsphone.com> <20140402154140.4EC5C608CA@smtp.hushmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20140402154140.4EC5C608CA@smtp.hushmail.com> X-OS: FreeBSD 9.2-STABLE User-Agent: Mutt/1.5.23 (2014-03-12) X-Virus-Scanned: clamav-milter 0.98.1 at email2.allantgroup.com X-Virus-Status: Clean X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (email2.allantgroup.com [172.17.19.78]); Wed, 02 Apr 2014 13:30:39 -0500 (CDT) X-Spam-Status: No, score=-3.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on email2.allantgroup.com X-Scanned-By: MIMEDefang 2.73 Cc: Daniel Corbe , freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Apr 2014 18:30:42 -0000 In the last episode (Apr 02), Kenta S. said: > On 04/02/2014 at 11:30 AM, "Dan Nelson" wrote: > > > >Also remember to remove /var/run/utx.active, /var/log/utx.*, > >the netstat, sockstat, and lsof commands, > > "sysctl security.bsd.see_other_uids=0" solves this, doesn't it? > FreeBSD doesn't include lsof. Interesting. It looks like that sysctl does do what you need - hiding processes and TCP sockets owned by other users. You'll still need to remove/protect any logfiles that might store IP addresses, like the utx.* files and other files in /var/log/ . -- Dan Nelson dnelson@allantgroup.com